package com.xc.config;

import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;

/**
 * 自定义认证逻辑
 */
public class KaptchaAuthenticationProvider extends DaoAuthenticationProvider {

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        HttpServletRequest req = ((ServletRequestAttributes) (RequestContextHolder.getRequestAttributes())).getRequest();
        String kaptcha = req.getParameter("kaptcha");

        // if(req.getSession().getAttribute("kaptcha").equals(kaptcha)){
            return super.authenticate(authentication);
        // }
        // throw new AuthenticationServiceException("验证码输入错误");
    }
}
